Multiple Fault Attack on PRESENT with a Hardware Trojan Implementation in FPGA
This work addresses vulnerabilities in lightweight cryptography for Internet of Things devices, presenting an incremental attack method with practical implications.
The paper tackled the security of the lightweight cipher PRESENT by demonstrating a multiple fault attack that recovers the secret key using two faulty encryptions and an exhaustive search of 2^16 key bits, and provided a practical implementation using a Hardware Trojan in an FPGA.
Internet of Things connects lots of small constrained devices to the Internet. As in any other environment, communication security is important and cryptographic algorithms are one of many elements that we use in order to keep messages secure. Because of the constrained nature of these environments, it is necessary to use algorithms that do not require high computational power. Lightweight ciphers are therefore ideal candidates for this purpose. In this paper, we explore a possibility of attacking an ultra-lightweight cipher PRESENT by using a multiple fault attack. Utilizing the Differential Fault Analysis technique, we were able to recover the secret key with two faulty encryptions and an exhaustive search of 2^16 remaining key bits. Our attack aims at four nibbles in the penultimate round of the cipher, causing faulty output in all nibbles of the output. We also provide a practical attack scenario by exploiting Hardware Trojan (HT) technique for the proposed fault injection in a Xilinx Spartan-6 FPGA.